Gauci Maistre Xynou (Legal/Assurance) Managing Partner Dr Jean-Pie Gauci-Maistre and Associate Dr Roberta Farrugia Galea speak to MaltaToday about why Maltese companies are now required to identify and maintain a register of their beneficial owners and to provide such information to the Maltese Registry of Companies

With more complicated company structures being used, it has become increasingly more difficult to establish who the ultimate beneficial owners of entities are. In light of the new regulation, do you believe that the Ultimate Beneficial Ownership (UBO) Register can help in any way to prevent financial crime?

The UBO Register system is a further step in the right direction taken in light of the issuance of the 4th Anti-Money Laundering Directive (4AMLD) back in 2015. Even more so, the introduction of the UBO Register is also important in light of the aftermath of several terrorist attacks that have struck in the EU and also the revelation of the “Panama Papers” scandal in 2016.

The UBO Register system seems to be directly aimed at helping curb terrorist funding, money laundering and tax evasion. The UBO registers should definitely help in this respect because they allow national financial crime authorities, especially financial intelligence units and tax authorities, to access information on the beneficial ownership of companies. Furthermore, one cannot simply consider the Companies Act (Register of Beneficial Owners) Regulations (hereafter “the Regulations”) in isolation.

The Regulations are the transposing legislation of the EU 4AMLD which establishes a “system” of interconnected national registers which are centralised via the European Central Platform and the European e-Justice Portal. The financial crime authorities of one Member State may accordingly access data collected in another Member State and this is a strength of the UBO register system when it comes to curbing financial crime. Having said this, much of the effectiveness of the system depends on what information subject persons provide. That is, how can the system adequately prevent financial crime if the information given by companies, on their own beneficial ownership, is not in some way verified or validated?

How will the UBO Registers affect the engagement of new customers within financial institutions?

The 5th Anti-Money Laundering Directive (5AMLD) will introduce “centralised bank account registries and data retrieval systems” for the identification of the persons holding bank and payment accounts. This will put significant pressure on banks. Apart from the cost it would take to invest in systems to gather such information, one must also consider the difficulty of keeping up with new accounts, closed accounts and any changes in previously supplied information.

More than a year after the Panama Papers scandal first broke, the fallout from the leaks continues, strengthening the need towards greater transparency. Is a UBO register enough to improve EU transparency of company ownership?

The Panama Papers heightened the need for creating systems that would ensure a higher level of transparency in order to tackle financial crime. The need for more transparency by means of a system of mandatory UBO Registers in each of the EU Member States had already been identified in 2015 under the 4AMLD. The data that would be collected is primarily accessible to anti-financial crime authorities notably financial intelligence units (FIUs) and tax authorities. The data is, however, also public, subject to some very rigid rules which require that there is a justified legitimate interest in accessing the UBO data.

Nonetheless, transparency of company ownership, especially when viewed in terms of crime fighting, requires a harmonised transposition of the anti-money laundering directives. One must also keep in mind that the UBO register system is an EU-wide measure and the UBO registers of the Member States are interconnected through the European Central Platform and the European e-Justice portal.

It is important not to underestimate the work involved in implementing such regulations. A fair amount of work is thrust upon the private sector and the public authorities, primarily the registry of companies, MFSA. It has been a steep learning curve for all involved and the constant and open dialogue between the public authorities and the private sector is crucial to ensuring that, despite the increased compliance, it is business as usual.

Organisations need to be 100% sure that they can rely on what is held in the registers without any increased risk towards their businesses. Do you believe that these registers can guarantee accurate information within them, which information is enough for businesses to depend on?

While the 4AMLD obliges the Member States to collect “adequate, accurate, and current information”, the local transposing legislation does not provide for any controls in this respect. To the contrary, the collection of data for the UBO Registers relies wholly on self-certification by the subject companies.

It can be reasonably expected that this will change once Malta is obliged to transpose the new 5AMLD. The new text provides that the Member States require information which is “adequate, accurate and current” but also obliges the Member States to “put in place mechanisms to this effect”.

Having said this, in general, these registers should never be completely relied upon by subject persons. To the contrary, subject persons need to do their own verification (KYC) for their own purposes and procedures. The registers, however, can most certainly provide good guidance for subject persons.

Ultimately, the issue of transparency cannot be looked at solely in terms of having access to the UBO data. If the goal of setting up a UBO register is to build confidence and trust in our financial services sector, then, the data contained in these registers must be accurate and constantly kept up to date.

In accordance with the regulation, how will the data be accessed and by whom? How will this affect individual data in light of Data Protection Regulations?

The Companies Act (Register of Beneficial Owners) Regulations provide for three categories of access. In all cases the data is accessed from the central register held by the Registrar of Companies:

The first type of access is that without any restriction and which must be given without alerting the company concerned. The second type of access is that given for the purpose of carrying out customer due diligence and thus the data which can be accessed is limited to this effect. The access is given to service providers operating in or from Malta. The third type of access is that offered to any person or organisation. However, this is far from granting access to the public as there are stringent restrictions imposed. It is important to note that this third category will become open to the public if the current text of the 5AMLD is adopted.

The European Data Protection Supervisor (EDPS) has issued an opinion criticising the amendments introduced by the 5AMLD, arguing that the information access provided by the anti-money laundering directives is not proportional to the objectives set out thereunder. In particular, the EDPS has stated that forms of personal data processing are acceptable for anti-money laundering and counter-terrorism purposes but not for tax evasion. It has also lamented that data access has been given to the public and that there are no safeguards that condition access to information on financial transactions by FIUs.

The European Commission’s 5th Anti-Money Laundering Directive (5AMLD) included a proposal to lower the threshold to 10 percent for higher-risk entities, including trusts, to provide beneficial ownership details. However, this proposal has not been included in the final text adopted on the 19th of April 2018. Would this new threshold have provided for greater safeguards against financial crime or would it have proven to be too low?

The original proposal of the Commission was to introduce a 10% threshold only in respect of “passive non-financial entities”. This proposal was considered too fragile by the European Parliament which proposed to have the threshold lowered to 10% in respect of all entities. However, both proposals were dropped when the directive passed through the Council of the EU. The proposal had drawn some criticism that the threshold is too low and would entail an excessive burden on obliged entities due to more data being collected. It is imperative to strike the right balance between achieving the correct level of transparency without creating excessive burdens on the public and private sector that will ultimately dissuade stakeholders from investing in Malta due to excessive bureaucracy, costs, etc.